The personal and protected health information of about 19,000 current and former Toyota employees and health plan participants may be at risk following a breach in August.
Toyota Industries North America issued a notice about the breach in late September. In August, the company discovered that its email system may have been accessed by an unauthorized third party that potentially gained access to a “small number of email accounts.” The incident could impact about 19,000 current and former employees and health plan participants.
According to the company, information that may have been accessed included: full name, home address, date of birth, phone number, financial account information, social security number, photograph of social security card, driver’s license number, photograph of driver’s license, email address, photograph of birth certificate, photograph of passport, treatment information, prescription information, diagnoses, health plan beneficiary number and portal username, password and security questions.
“While the company is not aware of any actual harm to individuals as a result of the situation, it is providing potentially affected individuals with information via First Class mail regarding steps taken, and what can be done to protect against potential harm,” the company said in a statement.
“At this point, the company is not aware of any misuse of personal information because of this incident, and to date, the company has no evidence that this data was removed from its systems.”
The company quickly investigated the incident and is reviewing its training, technology and security practices. It also alerted credit monitoring companies of the security incident.